NetBSD Problem Report #52772

From martin@aprisoft.de  Wed Nov 29 11:30:57 2017
Return-Path: <martin@aprisoft.de>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 599E17A19F
	for <gnats-bugs@gnats.NetBSD.org>; Wed, 29 Nov 2017 11:30:57 +0000 (UTC)
Message-Id: <20171129113046.8BCE05CC761@emmas.aprisoft.de>
Date: Wed, 29 Nov 2017 12:30:46 +0100 (CET)
From: martin@NetBSD.org
Reply-To: martin@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: httpd should allow remapping of paths
X-Send-Pr-Version: 3.95

>Number:         52772
>Category:       bin
>Synopsis:       httpd should allow remapping of paths
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          closed
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Wed Nov 29 11:35:00 +0000 2017
>Closed-Date:    Fri Apr 24 00:32:06 +0000 2020
>Last-Modified:  Fri Apr 24 00:32:06 +0000 2020
>Originator:     Martin Husemann
>Release:        NetBSD 8.99.7
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD seven-days-to-the-wolves.aprisoft.de 8.99.7 NetBSD 8.99.7 (GENERIC) #177: Thu Nov 23 09:03:25 CET 2017 martin@seven-days-to-the-wolves.aprisoft.de:/work/src/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:

I have to deal with a very stupid consumer appliance with broken firmware.
It requests data from a server I run, and the configuration part of the
appliances user interface is broken, so users can not configure the url
for the service properly (but parts of it are hardcoded).

The appliance does also not properly follow redirects for this request.

It would be very usefull if bozohttpd could rewrite the requested paths
befor applying authorization. I considered doing a command line option
for each rewrite rule, but this does not scale well and it is hard to
do different remapping rules per virtual host.

So I ended up doing a simmple remap table ".bzremap" in a file in the
(virtual) slash dir of the host. It looks like:

/requested/path:/re/mapped/to/this.html

The file is completely mmaped(), assuming it should be pretty short.
If the number of remap rules is big, we should probably use a .cdb file
instead.

Comments and reviews welcome!

>How-To-Repeat:
n/A

>Fix:

Here is a patch implementing this feature.

Index: bozohttpd.8
===================================================================
RCS file: /cvsroot/src/libexec/httpd/bozohttpd.8,v
retrieving revision 1.68
diff -u -p -r1.68 bozohttpd.8
--- bozohttpd.8	28 Nov 2017 12:22:27 -0000	1.68
+++ bozohttpd.8	29 Nov 2017 11:23:02 -0000
@@ -489,6 +489,30 @@ will redirect to
 Otherwise provided schema will be used i.e. symbolic link to
 .Em ftp://NetBSD.org/
 will redirect to the provided URL.
+If a
+.Pa .bzremap
+file is found at the root of a (virtual) server, it is expected to contain
+rewrite mappings for URLs.
+.Pp
+These remappings are performed internally in the server before authentication
+happens and can be used to hide implementation details, like the CGI handler
+specific suffix for non cgi scripts in authorized directories.
+.Pp
+The map file consists of lines two paths separated by a colon, where the left
+side needs to exactly match a (sub) path of the request and will be replaced
+by the right side.
+.Pp
+The first match always wins.
+.Pp
+A
+.Pa .bzremap
+file could look like this:
+.Bd -literal
+/nic/update:/auth-dir/updipv4.pl
+.Ed
+.Pp
+The remap file shold be short, access to it is slow and needs to happen
+on each request.
 .Sh EXAMPLES
 To configure set of virtual hosts, one would use an
 .Xr inetd.conf 5
Index: bozohttpd.c
===================================================================
RCS file: /cvsroot/src/libexec/httpd/bozohttpd.c,v
retrieving revision 1.86
diff -u -p -r1.86 bozohttpd.c
--- bozohttpd.c	5 Feb 2017 01:55:03 -0000	1.86
+++ bozohttpd.c	29 Nov 2017 11:23:02 -0000
@@ -120,6 +120,9 @@
 #ifndef ABSREDIRECT_FILE
 #define ABSREDIRECT_FILE	".bzabsredirect"
 #endif
+#ifndef REMAP_FILE
+#define REMAP_FILE		".bzremap"
+#endif
 #ifndef PUBLIC_HTML
 #define PUBLIC_HTML		"public_html"
 #endif
@@ -1068,6 +1071,109 @@ head:
 #endif /* !NO_USER_SUPPORT */
 }

+static void
+check_mapping(bozo_httpreq_t *request)
+{
+	bozohttpd_t *httpd = request->hr_httpd;
+	char *file = request->hr_file, *newfile;
+	void *fmap;
+	const char *replace, *map_to, *p;
+	struct stat st;
+	int mapfile;
+	size_t avail, len, rlen, flen;
+
+	mapfile = open(REMAP_FILE, O_RDONLY, 0);
+	if (mapfile == -1) return;
+	debug((httpd, DEBUG_FAT, "remap file found"));
+	if (fstat(mapfile, &st) == -1) {
+		bozowarn(httpd, "could not stat " REMAP_FILE);
+		close(mapfile);
+		return;
+	}
+
+	fmap = mmap(NULL, st.st_size, PROT_READ, 0, mapfile, 0);
+	if (fmap == NULL) {
+		bozowarn(httpd, "could not mmap " REMAP_FILE ", error %d",
+		    errno);
+		close(mapfile);
+		return;
+	}
+	flen = strlen(file);
+	for (p = fmap, avail = st.st_size; avail; ) {
+		/*
+		 * We have lines like:
+		 *   /this/url:/replacement/that/url
+		 * If we find a matching left hand side, replace will point
+		 * to it nad len will be its length. map_to will point to
+		 * the right hand side and rlen wil be its length.
+		 * If we have no match, both pointers will be NULL.
+		 */
+
+		/* skip empty lines */
+		while ((*p == '\r' || *p == '\n') && avail) {
+			p++;
+			avail--;
+		}
+		replace = p;
+		while (*p != ':' && *p != '\r' && *p != '\n' && avail) {
+			p++;
+			avail--;
+		}
+		if (!avail || *p != ':') {
+			replace = NULL;
+			map_to = NULL;
+			break;
+		}
+		len = p-replace;
+		/*
+		 * flen < len: the left hand side is too long, can't be a
+		 *   match
+		 * flen == len: full string has to match
+		 * flen > len: make sure there is a path separator at 'len'
+		 * avail < 2: we are at eof, missing right hand side
+		 */
+		if (avail < 2 || flen < len || 
+		    (flen == len && memcmp(file, replace, len) != 0) ||
+		    (flen > len
+			 && (file[len] != '/' ||
+			     memcmp(file, replace, len) != 0))) {
+
+			/* non-match, skip to end of line and continue */
+			while (*p != '\r' && *p != '\n' && avail) {
+				p++;
+				avail--;
+			}
+			replace = NULL;
+			map_to = NULL;
+			continue;
+		}
+		p++;
+		avail--;
+
+		/* found a match, parse the target */
+		map_to = p;
+		while (*p != '\r' && *p != '\n' && avail) {
+			p++;
+			avail--;
+		}
+		rlen = p - map_to;
+		break;
+	}
+
+	if (replace && map_to) {
+		newfile = bozomalloc(httpd, strlen(file) + rlen - len + 1);
+		memcpy(newfile, map_to, rlen);
+		strcpy(newfile+rlen, file + len);
+		debug((httpd, DEBUG_NORMAL, "remapping found ``%s'' ",
+		    newfile));
+		free(request->hr_file);
+		request->hr_file = newfile;
+	}
+
+	munmap(fmap, st.st_size);
+	close(mapfile);
+}
+
 /*
  * deal with virtual host names; we do this:
  *	if we have a virtual path root (httpd->virtbase), and we are given a
@@ -1191,6 +1297,12 @@ use_slashdir:
 	if (chdir(s) < 0)
 		return bozo_http_error(httpd, 404, request,
 					"can't chdir to slashdir");
+
+	/*
+	 * is there a mapping for this request?
+	 */
+	check_mapping(request);
+
 	return 0;
 }


>Release-Note:

>Audit-Trail:
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52772 CVS commit: src/libexec/httpd
Date: Fri, 24 Aug 2018 11:41:16 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Fri Aug 24 11:41:16 UTC 2018

 Modified Files:
 	src/libexec/httpd: bozohttpd.8 bozohttpd.c
 	src/libexec/httpd/testsuite: Makefile
 Added Files:
 	src/libexec/httpd/testsuite: t12.in t12.out t13.in t13.out
 	src/libexec/httpd/testsuite/data: .bzremap

 Log Message:
 Add support for remapping requested paths via a .bzredirect file.
 Fixes PR 52772. Ok: mrg@


 To generate a diff of this commit:
 cvs rdiff -u -r1.68 -r1.69 src/libexec/httpd/bozohttpd.8
 cvs rdiff -u -r1.87 -r1.88 src/libexec/httpd/bozohttpd.c
 cvs rdiff -u -r1.7 -r1.8 src/libexec/httpd/testsuite/Makefile
 cvs rdiff -u -r0 -r1.1 src/libexec/httpd/testsuite/t12.in \
     src/libexec/httpd/testsuite/t12.out src/libexec/httpd/testsuite/t13.in \
     src/libexec/httpd/testsuite/t13.out
 cvs rdiff -u -r0 -r1.1 src/libexec/httpd/testsuite/data/.bzremap

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->needs-pullups
State-Changed-By: martin@NetBSD.org
State-Changed-When: Fri, 24 Aug 2018 11:45:30 +0000
State-Changed-Why:
Should be pulled up to (at least) -8


From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52772 CVS commit: [netbsd-8] src/libexec/httpd
Date: Sat, 24 Nov 2018 17:13:51 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Sat Nov 24 17:13:51 UTC 2018

 Modified Files:
 	src/libexec/httpd [netbsd-8]: CHANGES auth-bozo.c bozohttpd.8
 	    bozohttpd.c bozohttpd.h cgi-bozo.c content-bozo.c daemon-bozo.c
 	    dir-index-bozo.c main.c ssl-bozo.c tilde-luzah-bozo.c
 	src/libexec/httpd/lua [netbsd-8]: bozo.lua glue.c optparse.lua
 	src/libexec/httpd/testsuite [netbsd-8]: Makefile html_cmp t3.out t5.out
 	    t6.out test-bigfile test-simple
 Added Files:
 	src/libexec/httpd/testsuite [netbsd-8]: t12.in t12.out t13.in t13.out
 	    t14.in t14.out t15.in t15.out
 	src/libexec/httpd/testsuite/data [netbsd-8]: .bzremap

 Log Message:
 Sync to HEAD (requested by mrg in ticket #1104)

 	libexec/httpd/testsuite/data/.bzremap           up to 1.1
 	libexec/httpd/testsuite/t12.out                 up to 1.1
 	libexec/httpd/testsuite/t12.in                  up to 1.1
 	libexec/httpd/testsuite/t13.out                 up to 1.1
 	libexec/httpd/testsuite/t13.in                  up to 1.1
 	libexec/httpd/testsuite/t14.out                 up to 1.1
 	libexec/httpd/testsuite/t14.in                  up to 1.1
 	libexec/httpd/testsuite/t15.out                 up to 1.1
 	libexec/httpd/testsuite/t15.in                  up to 1.1
 	libexec/httpd/CHANGES                           up to 1.28
 	libexec/httpd/auth-bozo.c                       up to 1.22
 	libexec/httpd/bozohttpd.8                       up to 1.74
 	libexec/httpd/bozohttpd.c                       up to 1.96
 	libexec/httpd/bozohttpd.h                       up to 1.56
 	libexec/httpd/cgi-bozo.c                        up to 1.44
 	libexec/httpd/content-bozo.c                    up to 1.16
 	libexec/httpd/daemon-bozo.c                     up to 1.19
 	libexec/httpd/dir-index-bozo.c                  up to 1.28
 	libexec/httpd/main.c                            up to 1.21
 	libexec/httpd/ssl-bozo.c                        up to 1.25
 	libexec/httpd/tilde-luzah-bozo.c                up to 1.16
 	libexec/httpd/lua/bozo.lua                      up to 1.3
 	libexec/httpd/lua/glue.c                        up to 1.5
 	libexec/httpd/lua/optparse.lua                  up to 1.2
 	libexec/httpd/testsuite/Makefile                up to 1.11
 	libexec/httpd/testsuite/html_cmp                up to 1.6
 	libexec/httpd/testsuite/t3.out                  up to 1.4
 	libexec/httpd/testsuite/t5.out                  up to 1.4
 	libexec/httpd/testsuite/t6.out                  up to 1.4
 	libexec/httpd/testsuite/test-bigfile            up to 1.5
 	libexec/httpd/testsuite/test-simple             up to 1.5

 Cosmetic changes to Lua binding in bozohttpd.

 - Don't use negative indicies to read arguments of Lua functions.
 - On error, return nil, "error string".
 - Use ssize_t for return values from bozo_read() and bozo_write().
 - Prefer lstring especially when if saves you from appending NUL and
   doing len + 1 which can potentially wraparound.
 - Don't mix C allocations with Lua functions marked with "m" in the Lua
   manual. Those functions may throw (longjump) and leak data allocated
   by C function. In one case, I use luaL_Buffer, in the other case,
   I rearranged calls a bit.

 fix ordering of a couple of words.  from Edgar Pettijohn in PR#52375.
 thanks!

 s/u_int/unsigned/.

 from Jan Danielsson.  increases/fixes portability.

 PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
 sometimes with EFAULT due to not NULL terminated environment.

 Document script handler issues with httpd(8).
 From martin@, addressing PR 52194.

 While here, use American spelling consistently and upper-case some
 abbreviations.

 Bump date.

 fix output since protocol agnostic change went in.

 XXX: i thought someone hooked this into atf already, please do :)

 Add support for remapping requested paths via a .bzredirect file.
 Fixes PR 52772. Ok: mrg@

 Bump date

 Remove trailing whitespace.

 use __func__ in debug().

 fix a denial of service attack against header contents, which
 is now bounded at 16KiB.  reported by JP.

 avoid memory leak in sending multiple auth headers.
 mostly mitigated by previous patch to limit total header size,
 but still a real problem here.

 note the changes present in bozohttpd 20181118:

 o  add url remap support via .bzremap file, from martin%netbsd.org@localhost
 o  handle redirections for any protocol, not just http:
 o  fix a denial of service attack against header contents, which
    is now bounded at 16KiB.  reported by JP.

 from CHANGES:

 o  reduce default timeouts, and add expand timeouts to handle the
    initial line, each header, and the total time spent
 o  add -T option to expose new timeout settings
 o  minor RFC fixes related to timeout handling responses

 old timeouts:
 60 seconds for initial request like, 60 seconds per header line,
 and no whole timeout (though the recent total header size changes
 do introduce one that would be about 11 hours.)
 new timeouts:
 30 seconds for initial request like, 10 seconds per header line,
 and a total request time of 600 seconds.

 the new global timeout is implemented using CLOCK_MONOTONIC, with
 a fallback to CLOCK_REALTIME if monotonic time is unavailable.

 reject multiple Host: headers.  besides being protocol standard,
 this closes one additional memory leak found by JP.  add a simple
 test to check this.

 clean up option and usage handling some.

 move some #if support into bozohttpd.h.

 fix previous: have_debug was reversed.

 also fix have_dynamic_content from the previous previous.  re-order
 the debug and dynamic content to match the same pattern as everything
 else so similar problems are less likely in the future.

 - move special files defines into bozohttpd.h, so we can ...
 - consolidate all the special file checks into
   bozo_check_special_files() so that all builds check the same
   list of special files, regardless of build options.
 - convert "(void)bozo_http_error(...); return -1;" into plain
   "return bozo_http_error(...);"
 - fix the call to bozo_check_special_files() to be used on all
   input types.  part of the fixes for failure to reject access
   to /.htpasswd as reported by JP on tech-security.
 - use warn_unused_result attribute on bozo_check_special_files(),
   and fix the failures to return failure.  second part of the
   htpasswd access fix.
 - update testsuite to use a fixed fake hostname.

 call this bozohttpd 20181121.

 two fixes reported by mouse:
 - don't check contents of 'st' if stat(2) failed.
 - round up instead of truncate.  now 10000 byte files say 10kB not 9kB.

 use MAP_SHARED for the bzremap file.  avoids netbsd kernel complaining:

 WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)

 many clean ups:
 - keep a list of special files and their human names
 - remove (void) casts on bozo_http_error()
 - fix a few more misuses of bozo_http_error()
 - rename check_mapping() to check_remap() and perform some CSE
 - switch away from ``%s'' to '%s'
 - remove a bunch of #ifdef using new have_feature defines

 alpha sort the option switch.

 add an assert() check on array bounds.

 minor style fixes.  simplify bozo_match_content_map().


 To generate a diff of this commit:
 cvs rdiff -u -r1.25 -r1.25.4.1 src/libexec/httpd/CHANGES
 cvs rdiff -u -r1.18 -r1.18.8.1 src/libexec/httpd/auth-bozo.c
 cvs rdiff -u -r1.65 -r1.65.4.1 src/libexec/httpd/bozohttpd.8
 cvs rdiff -u -r1.86.4.1 -r1.86.4.2 src/libexec/httpd/bozohttpd.c
 cvs rdiff -u -r1.47 -r1.47.4.1 src/libexec/httpd/bozohttpd.h
 cvs rdiff -u -r1.37.4.1 -r1.37.4.2 src/libexec/httpd/cgi-bozo.c
 cvs rdiff -u -r1.14 -r1.14.6.1 src/libexec/httpd/content-bozo.c
 cvs rdiff -u -r1.17 -r1.17.8.1 src/libexec/httpd/daemon-bozo.c
 cvs rdiff -u -r1.25 -r1.25.8.1 src/libexec/httpd/dir-index-bozo.c
 cvs rdiff -u -r1.16 -r1.16.6.1 src/libexec/httpd/main.c
 cvs rdiff -u -r1.22 -r1.22.8.1 src/libexec/httpd/ssl-bozo.c
 cvs rdiff -u -r1.14 -r1.14.8.1 src/libexec/httpd/tilde-luzah-bozo.c
 cvs rdiff -u -r1.2 -r1.2.8.1 src/libexec/httpd/lua/bozo.lua \
     src/libexec/httpd/lua/glue.c
 cvs rdiff -u -r1.1.1.1 -r1.1.1.1.44.1 src/libexec/httpd/lua/optparse.lua
 cvs rdiff -u -r1.7 -r1.7.4.1 src/libexec/httpd/testsuite/Makefile
 cvs rdiff -u -r1.5 -r1.5.6.1 src/libexec/httpd/testsuite/html_cmp
 cvs rdiff -u -r0 -r1.1.4.2 src/libexec/httpd/testsuite/t12.in \
     src/libexec/httpd/testsuite/t12.out src/libexec/httpd/testsuite/t13.in \
     src/libexec/httpd/testsuite/t13.out
 cvs rdiff -u -r0 -r1.1.2.2 src/libexec/httpd/testsuite/t14.in \
     src/libexec/httpd/testsuite/t14.out src/libexec/httpd/testsuite/t15.in \
     src/libexec/httpd/testsuite/t15.out
 cvs rdiff -u -r1.3 -r1.3.38.1 src/libexec/httpd/testsuite/t3.out \
     src/libexec/httpd/testsuite/t5.out src/libexec/httpd/testsuite/t6.out
 cvs rdiff -u -r1.4 -r1.4.4.1 src/libexec/httpd/testsuite/test-bigfile
 cvs rdiff -u -r1.4 -r1.4.10.1 src/libexec/httpd/testsuite/test-simple
 cvs rdiff -u -r0 -r1.1.4.2 src/libexec/httpd/testsuite/data/.bzremap

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52772 CVS commit: [netbsd-7] src/libexec/httpd
Date: Sat, 24 Nov 2018 17:22:59 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Sat Nov 24 17:22:58 UTC 2018

 Modified Files:
 	src/libexec/httpd [netbsd-7]: CHANGES Makefile auth-bozo.c bozohttpd.8
 	    bozohttpd.c bozohttpd.h cgi-bozo.c content-bozo.c daemon-bozo.c
 	    dir-index-bozo.c lua-bozo.c main.c ssl-bozo.c tilde-luzah-bozo.c
 	src/libexec/httpd/libbozohttpd [netbsd-7]: Makefile
 	src/libexec/httpd/lua [netbsd-7]: bozo.lua glue.c optparse.lua
 	src/libexec/httpd/testsuite [netbsd-7]: Makefile html_cmp t3.out t5.out
 	    t6.out test-bigfile test-simple
 Added Files:
 	src/libexec/httpd/testsuite [netbsd-7]: t12.in t12.out t13.in t13.out
 	    t14.in t14.out t15.in t15.out
 	src/libexec/httpd/testsuite/data [netbsd-7]: .bzremap

 Log Message:
 Sync to HEAD (requested by mrg in ticket #1655):

 	libexec/httpd/testsuite/data/.bzremap           up to 1.1
 	libexec/httpd/testsuite/t12.out                 up to 1.1
 	libexec/httpd/testsuite/t12.in                  up to 1.1
 	libexec/httpd/testsuite/t13.out                 up to 1.1
 	libexec/httpd/testsuite/t13.in                  up to 1.1
 	libexec/httpd/testsuite/t14.out                 up to 1.1
 	libexec/httpd/testsuite/t14.in                  up to 1.1
 	libexec/httpd/testsuite/t15.out                 up to 1.1
 	libexec/httpd/testsuite/t15.in                  up to 1.1
 	libexec/httpd/CHANGES                           up to 1.28
 	libexec/httpd/Makefile                          up to 1.27
 	libexec/httpd/auth-bozo.c                       up to 1.22
 	libexec/httpd/bozohttpd.8                       up to 1.74
 	libexec/httpd/bozohttpd.c                       up to 1.96
 	libexec/httpd/bozohttpd.h                       up to 1.56
 	libexec/httpd/cgi-bozo.c                        up to 1.44
 	libexec/httpd/content-bozo.c                    up to 1.16
 	libexec/httpd/daemon-bozo.c                     up to 1.19
 	libexec/httpd/dir-index-bozo.c                  up to 1.28
 	libexec/httpd/lua-bozo.c                        up to 1.15
 	libexec/httpd/main.c                            up to 1.21
 	libexec/httpd/ssl-bozo.c                        up to 1.25
 	libexec/httpd/tilde-luzah-bozo.c                up to 1.16
 	libexec/httpd/libbozohttpd/Makefile             up to 1.3
 	libexec/httpd/lua/bozo.lua                      up to 1.3
 	libexec/httpd/lua/glue.c                        up to 1.5
 	libexec/httpd/lua/optparse.lua                  up to 1.2
 	libexec/httpd/testsuite/Makefile                up to 1.11
 	libexec/httpd/testsuite/html_cmp                up to 1.6
 	libexec/httpd/testsuite/t3.out                  up to 1.4
 	libexec/httpd/testsuite/t5.out                  up to 1.4
 	libexec/httpd/testsuite/t6.out                  up to 1.4
 	libexec/httpd/testsuite/test-bigfile            up to 1.5
 	libexec/httpd/testsuite/test-simple             up to 1.5

 Cosmetic changes to Lua binding in bozohttpd.

 - Don't use negative indicies to read arguments of Lua functions.
 - On error, return nil, "error string".
 - Use ssize_t for return values from bozo_read() and bozo_write().
 - Prefer lstring especially when if saves you from appending NUL and
   doing len + 1 which can potentially wraparound.
 - Don't mix C allocations with Lua functions marked with "m" in the Lua
   manual. Those functions may throw (longjump) and leak data allocated
   by C function. In one case, I use luaL_Buffer, in the other case,
   I rearranged calls a bit.

 fix ordering of a couple of words.  from Edgar Pettijohn in PR#52375.
 thanks!

 s/u_int/unsigned/.

 from Jan Danielsson.  increases/fixes portability.

 PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
 sometimes with EFAULT due to not NULL terminated environment.

 Document script handler issues with httpd(8).
 From martin@, addressing PR 52194.

 While here, use American spelling consistently and upper-case some
 abbreviations.

 Bump date.

 fix output since protocol agnostic change went in.

 XXX: i thought someone hooked this into atf already, please do :)

 Add support for remapping requested paths via a .bzredirect file.
 Fixes PR 52772. Ok: mrg@

 Bump date

 Remove trailing whitespace.

 use __func__ in debug().

 fix a denial of service attack against header contents, which
 is now bounded at 16KiB.  reported by JP.

 avoid memory leak in sending multiple auth headers.
 mostly mitigated by previous patch to limit total header size,
 but still a real problem here.

 note the changes present in bozohttpd 20181118:

 o  add url remap support via .bzremap file, from martin%netbsd.org@localhost
 o  handle redirections for any protocol, not just http:
 o  fix a denial of service attack against header contents, which
    is now bounded at 16KiB.  reported by JP.

 from CHANGES:

 o  reduce default timeouts, and add expand timeouts to handle the
    initial line, each header, and the total time spent
 o  add -T option to expose new timeout settings
 o  minor RFC fixes related to timeout handling responses

 old timeouts:
 60 seconds for initial request like, 60 seconds per header line,
 and no whole timeout (though the recent total header size changes
 do introduce one that would be about 11 hours.)
 new timeouts:
 30 seconds for initial request like, 10 seconds per header line,
 and a total request time of 600 seconds.

 the new global timeout is implemented using CLOCK_MONOTONIC, with
 a fallback to CLOCK_REALTIME if monotonic time is unavailable.

 reject multiple Host: headers.  besides being protocol standard,
 this closes one additional memory leak found by JP.  add a simple
 test to check this.

 clean up option and usage handling some.

 move some #if support into bozohttpd.h.

 fix previous: have_debug was reversed.

 also fix have_dynamic_content from the previous previous.  re-order
 the debug and dynamic content to match the same pattern as everything
 else so similar problems are less likely in the future.

 - move special files defines into bozohttpd.h, so we can ...
 - consolidate all the special file checks into
   bozo_check_special_files() so that all builds check the same
   list of special files, regardless of build options.
 - convert "(void)bozo_http_error(...); return -1;" into plain
   "return bozo_http_error(...);"
 - fix the call to bozo_check_special_files() to be used on all
   input types.  part of the fixes for failure to reject access
   to /.htpasswd as reported by JP on tech-security.
 - use warn_unused_result attribute on bozo_check_special_files(),
   and fix the failures to return failure.  second part of the
   htpasswd access fix.
 - update testsuite to use a fixed fake hostname.

 call this bozohttpd 20181121.

 two fixes reported by mouse:
 - don't check contents of 'st' if stat(2) failed.
 - round up instead of truncate.  now 10000 byte files say 10kB not 9kB.

 use MAP_SHARED for the bzremap file.  avoids netbsd kernel complaining:

 WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)

 many clean ups:
 - keep a list of special files and their human names
 - remove (void) casts on bozo_http_error()
 - fix a few more misuses of bozo_http_error()
 - rename check_mapping() to check_remap() and perform some CSE
 - switch away from ``%s'' to '%s'
 - remove a bunch of #ifdef using new have_feature defines

 alpha sort the option switch.

 add an assert() check on array bounds.

 minor style fixes.  simplify bozo_match_content_map().


 To generate a diff of this commit:
 cvs rdiff -u -r1.19.2.5 -r1.19.2.6 src/libexec/httpd/CHANGES
 cvs rdiff -u -r1.22.2.2 -r1.22.2.3 src/libexec/httpd/Makefile
 cvs rdiff -u -r1.13.2.2 -r1.13.2.3 src/libexec/httpd/auth-bozo.c
 cvs rdiff -u -r1.46.4.8 -r1.46.4.9 src/libexec/httpd/bozohttpd.8
 cvs rdiff -u -r1.56.2.9 -r1.56.2.10 src/libexec/httpd/bozohttpd.c
 cvs rdiff -u -r1.33.2.6 -r1.33.2.7 src/libexec/httpd/bozohttpd.h
 cvs rdiff -u -r1.25.2.8 -r1.25.2.9 src/libexec/httpd/cgi-bozo.c
 cvs rdiff -u -r1.10.2.4 -r1.10.2.5 src/libexec/httpd/content-bozo.c
 cvs rdiff -u -r1.16.4.1 -r1.16.4.2 src/libexec/httpd/daemon-bozo.c
 cvs rdiff -u -r1.19.4.2 -r1.19.4.3 src/libexec/httpd/dir-index-bozo.c
 cvs rdiff -u -r1.10.2.2 -r1.10.2.3 src/libexec/httpd/lua-bozo.c
 cvs rdiff -u -r1.8.2.2 -r1.8.2.3 src/libexec/httpd/main.c
 cvs rdiff -u -r1.18.2.1 -r1.18.2.2 src/libexec/httpd/ssl-bozo.c
 cvs rdiff -u -r1.10.4.1 -r1.10.4.2 src/libexec/httpd/tilde-luzah-bozo.c
 cvs rdiff -u -r1.2 -r1.2.10.1 src/libexec/httpd/libbozohttpd/Makefile
 cvs rdiff -u -r1.1.1.1.30.1 -r1.1.1.1.30.2 src/libexec/httpd/lua/bozo.lua \
     src/libexec/httpd/lua/glue.c
 cvs rdiff -u -r1.1.1.1 -r1.1.1.1.30.1 src/libexec/httpd/lua/optparse.lua
 cvs rdiff -u -r1.4.24.3 -r1.4.24.4 src/libexec/httpd/testsuite/Makefile
 cvs rdiff -u -r1.4.18.1 -r1.4.18.2 src/libexec/httpd/testsuite/html_cmp
 cvs rdiff -u -r0 -r1.1.6.2 src/libexec/httpd/testsuite/t12.in \
     src/libexec/httpd/testsuite/t12.out src/libexec/httpd/testsuite/t13.in \
     src/libexec/httpd/testsuite/t13.out
 cvs rdiff -u -r0 -r1.1.4.2 src/libexec/httpd/testsuite/t14.in \
     src/libexec/httpd/testsuite/t14.out src/libexec/httpd/testsuite/t15.in \
     src/libexec/httpd/testsuite/t15.out
 cvs rdiff -u -r1.3 -r1.3.24.1 src/libexec/httpd/testsuite/t3.out \
     src/libexec/httpd/testsuite/t5.out src/libexec/httpd/testsuite/t6.out
 cvs rdiff -u -r1.1.1.1.30.3 -r1.1.1.1.30.4 \
     src/libexec/httpd/testsuite/test-bigfile
 cvs rdiff -u -r1.2.4.3 -r1.2.4.4 src/libexec/httpd/testsuite/test-simple
 cvs rdiff -u -r0 -r1.1.6.2 src/libexec/httpd/testsuite/data/.bzremap

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52772 CVS commit: [netbsd-7-1] src/libexec/httpd
Date: Sat, 24 Nov 2018 17:23:21 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Sat Nov 24 17:23:21 UTC 2018

 Modified Files:
 	src/libexec/httpd [netbsd-7-1]: CHANGES Makefile auth-bozo.c
 	    bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c content-bozo.c
 	    daemon-bozo.c dir-index-bozo.c lua-bozo.c main.c ssl-bozo.c
 	    tilde-luzah-bozo.c
 	src/libexec/httpd/libbozohttpd [netbsd-7-1]: Makefile
 	src/libexec/httpd/lua [netbsd-7-1]: bozo.lua glue.c optparse.lua
 	src/libexec/httpd/testsuite [netbsd-7-1]: Makefile html_cmp t3.out
 	    t5.out t6.out test-bigfile test-simple
 Added Files:
 	src/libexec/httpd/testsuite [netbsd-7-1]: t12.in t12.out t13.in t13.out
 	    t14.in t14.out t15.in t15.out
 	src/libexec/httpd/testsuite/data [netbsd-7-1]: .bzremap

 Log Message:
 Sync to HEAD (requested by mrg in ticket #1655):

 	libexec/httpd/testsuite/data/.bzremap           up to 1.1
 	libexec/httpd/testsuite/t12.out                 up to 1.1
 	libexec/httpd/testsuite/t12.in                  up to 1.1
 	libexec/httpd/testsuite/t13.out                 up to 1.1
 	libexec/httpd/testsuite/t13.in                  up to 1.1
 	libexec/httpd/testsuite/t14.out                 up to 1.1
 	libexec/httpd/testsuite/t14.in                  up to 1.1
 	libexec/httpd/testsuite/t15.out                 up to 1.1
 	libexec/httpd/testsuite/t15.in                  up to 1.1
 	libexec/httpd/CHANGES                           up to 1.28
 	libexec/httpd/Makefile                          up to 1.27
 	libexec/httpd/auth-bozo.c                       up to 1.22
 	libexec/httpd/bozohttpd.8                       up to 1.74
 	libexec/httpd/bozohttpd.c                       up to 1.96
 	libexec/httpd/bozohttpd.h                       up to 1.56
 	libexec/httpd/cgi-bozo.c                        up to 1.44
 	libexec/httpd/content-bozo.c                    up to 1.16
 	libexec/httpd/daemon-bozo.c                     up to 1.19
 	libexec/httpd/dir-index-bozo.c                  up to 1.28
 	libexec/httpd/lua-bozo.c                        up to 1.15
 	libexec/httpd/main.c                            up to 1.21
 	libexec/httpd/ssl-bozo.c                        up to 1.25
 	libexec/httpd/tilde-luzah-bozo.c                up to 1.16
 	libexec/httpd/libbozohttpd/Makefile             up to 1.3
 	libexec/httpd/lua/bozo.lua                      up to 1.3
 	libexec/httpd/lua/glue.c                        up to 1.5
 	libexec/httpd/lua/optparse.lua                  up to 1.2
 	libexec/httpd/testsuite/Makefile                up to 1.11
 	libexec/httpd/testsuite/html_cmp                up to 1.6
 	libexec/httpd/testsuite/t3.out                  up to 1.4
 	libexec/httpd/testsuite/t5.out                  up to 1.4
 	libexec/httpd/testsuite/t6.out                  up to 1.4
 	libexec/httpd/testsuite/test-bigfile            up to 1.5
 	libexec/httpd/testsuite/test-simple             up to 1.5

 Cosmetic changes to Lua binding in bozohttpd.

 - Don't use negative indicies to read arguments of Lua functions.
 - On error, return nil, "error string".
 - Use ssize_t for return values from bozo_read() and bozo_write().
 - Prefer lstring especially when if saves you from appending NUL and
   doing len + 1 which can potentially wraparound.
 - Don't mix C allocations with Lua functions marked with "m" in the Lua
   manual. Those functions may throw (longjump) and leak data allocated
   by C function. In one case, I use luaL_Buffer, in the other case,
   I rearranged calls a bit.

 fix ordering of a couple of words.  from Edgar Pettijohn in PR#52375.
 thanks!

 s/u_int/unsigned/.

 from Jan Danielsson.  increases/fixes portability.

 PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
 sometimes with EFAULT due to not NULL terminated environment.

 Document script handler issues with httpd(8).
 From martin@, addressing PR 52194.

 While here, use American spelling consistently and upper-case some
 abbreviations.

 Bump date.

 fix output since protocol agnostic change went in.

 XXX: i thought someone hooked this into atf already, please do :)

 Add support for remapping requested paths via a .bzredirect file.
 Fixes PR 52772. Ok: mrg@

 Bump date

 Remove trailing whitespace.

 use __func__ in debug().

 fix a denial of service attack against header contents, which
 is now bounded at 16KiB.  reported by JP.

 avoid memory leak in sending multiple auth headers.
 mostly mitigated by previous patch to limit total header size,
 but still a real problem here.

 note the changes present in bozohttpd 20181118:

 o  add url remap support via .bzremap file, from martin%netbsd.org@localhost
 o  handle redirections for any protocol, not just http:
 o  fix a denial of service attack against header contents, which
    is now bounded at 16KiB.  reported by JP.

 from CHANGES:

 o  reduce default timeouts, and add expand timeouts to handle the
    initial line, each header, and the total time spent
 o  add -T option to expose new timeout settings
 o  minor RFC fixes related to timeout handling responses

 old timeouts:
 60 seconds for initial request like, 60 seconds per header line,
 and no whole timeout (though the recent total header size changes
 do introduce one that would be about 11 hours.)
 new timeouts:
 30 seconds for initial request like, 10 seconds per header line,
 and a total request time of 600 seconds.

 the new global timeout is implemented using CLOCK_MONOTONIC, with
 a fallback to CLOCK_REALTIME if monotonic time is unavailable.

 reject multiple Host: headers.  besides being protocol standard,
 this closes one additional memory leak found by JP.  add a simple
 test to check this.

 clean up option and usage handling some.

 move some #if support into bozohttpd.h.

 fix previous: have_debug was reversed.

 also fix have_dynamic_content from the previous previous.  re-order
 the debug and dynamic content to match the same pattern as everything
 else so similar problems are less likely in the future.

 - move special files defines into bozohttpd.h, so we can ...
 - consolidate all the special file checks into
   bozo_check_special_files() so that all builds check the same
   list of special files, regardless of build options.
 - convert "(void)bozo_http_error(...); return -1;" into plain
   "return bozo_http_error(...);"
 - fix the call to bozo_check_special_files() to be used on all
   input types.  part of the fixes for failure to reject access
   to /.htpasswd as reported by JP on tech-security.
 - use warn_unused_result attribute on bozo_check_special_files(),
   and fix the failures to return failure.  second part of the
   htpasswd access fix.
 - update testsuite to use a fixed fake hostname.

 call this bozohttpd 20181121.

 two fixes reported by mouse:
 - don't check contents of 'st' if stat(2) failed.
 - round up instead of truncate.  now 10000 byte files say 10kB not 9kB.

 use MAP_SHARED for the bzremap file.  avoids netbsd kernel complaining:

 WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)

 many clean ups:
 - keep a list of special files and their human names
 - remove (void) casts on bozo_http_error()
 - fix a few more misuses of bozo_http_error()
 - rename check_mapping() to check_remap() and perform some CSE
 - switch away from ``%s'' to '%s'
 - remove a bunch of #ifdef using new have_feature defines

 alpha sort the option switch.

 add an assert() check on array bounds.

 minor style fixes.  simplify bozo_match_content_map().


 To generate a diff of this commit:
 cvs rdiff -u -r1.19.2.5 -r1.19.2.5.2.1 src/libexec/httpd/CHANGES
 cvs rdiff -u -r1.22.2.2 -r1.22.2.2.4.1 src/libexec/httpd/Makefile
 cvs rdiff -u -r1.13.2.2 -r1.13.2.2.4.1 src/libexec/httpd/auth-bozo.c
 cvs rdiff -u -r1.46.4.8 -r1.46.4.8.2.1 src/libexec/httpd/bozohttpd.8
 cvs rdiff -u -r1.56.2.8 -r1.56.2.8.2.1 src/libexec/httpd/bozohttpd.c
 cvs rdiff -u -r1.33.2.6 -r1.33.2.6.2.1 src/libexec/httpd/bozohttpd.h
 cvs rdiff -u -r1.25.2.7.2.1 -r1.25.2.7.2.2 src/libexec/httpd/cgi-bozo.c
 cvs rdiff -u -r1.10.2.4 -r1.10.2.4.2.1 src/libexec/httpd/content-bozo.c
 cvs rdiff -u -r1.16.4.1 -r1.16.4.1.4.1 src/libexec/httpd/daemon-bozo.c
 cvs rdiff -u -r1.19.4.2 -r1.19.4.2.4.1 src/libexec/httpd/dir-index-bozo.c
 cvs rdiff -u -r1.10.2.2 -r1.10.2.2.4.1 src/libexec/httpd/lua-bozo.c
 cvs rdiff -u -r1.8.2.2 -r1.8.2.2.2.1 src/libexec/httpd/main.c
 cvs rdiff -u -r1.18.2.1 -r1.18.2.1.4.1 src/libexec/httpd/ssl-bozo.c
 cvs rdiff -u -r1.10.4.1 -r1.10.4.1.4.1 src/libexec/httpd/tilde-luzah-bozo.c
 cvs rdiff -u -r1.2 -r1.2.20.1 src/libexec/httpd/libbozohttpd/Makefile
 cvs rdiff -u -r1.1.1.1.30.1 -r1.1.1.1.30.1.4.1 src/libexec/httpd/lua/bozo.lua \
     src/libexec/httpd/lua/glue.c
 cvs rdiff -u -r1.1.1.1 -r1.1.1.1.40.1 src/libexec/httpd/lua/optparse.lua
 cvs rdiff -u -r1.4.24.3 -r1.4.24.3.2.1 src/libexec/httpd/testsuite/Makefile
 cvs rdiff -u -r1.4.18.1 -r1.4.18.1.2.1 src/libexec/httpd/testsuite/html_cmp
 cvs rdiff -u -r0 -r1.1.8.2 src/libexec/httpd/testsuite/t12.in \
     src/libexec/httpd/testsuite/t12.out src/libexec/httpd/testsuite/t13.in \
     src/libexec/httpd/testsuite/t13.out
 cvs rdiff -u -r0 -r1.1.6.2 src/libexec/httpd/testsuite/t14.in \
     src/libexec/httpd/testsuite/t14.out src/libexec/httpd/testsuite/t15.in \
     src/libexec/httpd/testsuite/t15.out
 cvs rdiff -u -r1.3 -r1.3.34.1 src/libexec/httpd/testsuite/t3.out \
     src/libexec/httpd/testsuite/t5.out src/libexec/httpd/testsuite/t6.out
 cvs rdiff -u -r1.1.1.1.30.3 -r1.1.1.1.30.3.2.1 \
     src/libexec/httpd/testsuite/test-bigfile
 cvs rdiff -u -r1.2.4.3 -r1.2.4.3.2.1 src/libexec/httpd/testsuite/test-simple
 cvs rdiff -u -r0 -r1.1.8.2 src/libexec/httpd/testsuite/data/.bzremap

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/52772 CVS commit: [netbsd-7-0] src/libexec/httpd
Date: Sat, 24 Nov 2018 17:23:48 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Sat Nov 24 17:23:48 UTC 2018

 Modified Files:
 	src/libexec/httpd [netbsd-7-0]: CHANGES Makefile auth-bozo.c
 	    bozohttpd.8 bozohttpd.c bozohttpd.h cgi-bozo.c content-bozo.c
 	    daemon-bozo.c dir-index-bozo.c lua-bozo.c main.c ssl-bozo.c
 	    tilde-luzah-bozo.c
 	src/libexec/httpd/libbozohttpd [netbsd-7-0]: Makefile
 	src/libexec/httpd/lua [netbsd-7-0]: bozo.lua glue.c optparse.lua
 	src/libexec/httpd/testsuite [netbsd-7-0]: Makefile html_cmp t3.out
 	    t5.out t6.out test-bigfile test-simple
 Added Files:
 	src/libexec/httpd/testsuite [netbsd-7-0]: t12.in t12.out t13.in t13.out
 	    t14.in t14.out t15.in t15.out
 	src/libexec/httpd/testsuite/data [netbsd-7-0]: .bzremap

 Log Message:
 Sync to HEAD (requested by mrg in ticket #1655):

 	libexec/httpd/testsuite/data/.bzremap           up to 1.1
 	libexec/httpd/testsuite/t12.out                 up to 1.1
 	libexec/httpd/testsuite/t12.in                  up to 1.1
 	libexec/httpd/testsuite/t13.out                 up to 1.1
 	libexec/httpd/testsuite/t13.in                  up to 1.1
 	libexec/httpd/testsuite/t14.out                 up to 1.1
 	libexec/httpd/testsuite/t14.in                  up to 1.1
 	libexec/httpd/testsuite/t15.out                 up to 1.1
 	libexec/httpd/testsuite/t15.in                  up to 1.1
 	libexec/httpd/CHANGES                           up to 1.28
 	libexec/httpd/Makefile                          up to 1.27
 	libexec/httpd/auth-bozo.c                       up to 1.22
 	libexec/httpd/bozohttpd.8                       up to 1.74
 	libexec/httpd/bozohttpd.c                       up to 1.96
 	libexec/httpd/bozohttpd.h                       up to 1.56
 	libexec/httpd/cgi-bozo.c                        up to 1.44
 	libexec/httpd/content-bozo.c                    up to 1.16
 	libexec/httpd/daemon-bozo.c                     up to 1.19
 	libexec/httpd/dir-index-bozo.c                  up to 1.28
 	libexec/httpd/lua-bozo.c                        up to 1.15
 	libexec/httpd/main.c                            up to 1.21
 	libexec/httpd/ssl-bozo.c                        up to 1.25
 	libexec/httpd/tilde-luzah-bozo.c                up to 1.16
 	libexec/httpd/libbozohttpd/Makefile             up to 1.3
 	libexec/httpd/lua/bozo.lua                      up to 1.3
 	libexec/httpd/lua/glue.c                        up to 1.5
 	libexec/httpd/lua/optparse.lua                  up to 1.2
 	libexec/httpd/testsuite/Makefile                up to 1.11
 	libexec/httpd/testsuite/html_cmp                up to 1.6
 	libexec/httpd/testsuite/t3.out                  up to 1.4
 	libexec/httpd/testsuite/t5.out                  up to 1.4
 	libexec/httpd/testsuite/t6.out                  up to 1.4
 	libexec/httpd/testsuite/test-bigfile            up to 1.5
 	libexec/httpd/testsuite/test-simple             up to 1.5

 Cosmetic changes to Lua binding in bozohttpd.

 - Don't use negative indicies to read arguments of Lua functions.
 - On error, return nil, "error string".
 - Use ssize_t for return values from bozo_read() and bozo_write().
 - Prefer lstring especially when if saves you from appending NUL and
   doing len + 1 which can potentially wraparound.
 - Don't mix C allocations with Lua functions marked with "m" in the Lua
   manual. Those functions may throw (longjump) and leak data allocated
   by C function. In one case, I use luaL_Buffer, in the other case,
   I rearranged calls a bit.

 fix ordering of a couple of words.  from Edgar Pettijohn in PR#52375.
 thanks!

 s/u_int/unsigned/.

 from Jan Danielsson.  increases/fixes portability.

 PR bin/52194: bozohttpd fails to exec scripts via the -C mechanism
 sometimes with EFAULT due to not NULL terminated environment.

 Document script handler issues with httpd(8).
 From martin@, addressing PR 52194.

 While here, use American spelling consistently and upper-case some
 abbreviations.

 Bump date.

 fix output since protocol agnostic change went in.

 XXX: i thought someone hooked this into atf already, please do :)

 Add support for remapping requested paths via a .bzredirect file.
 Fixes PR 52772. Ok: mrg@

 Bump date

 Remove trailing whitespace.

 use __func__ in debug().

 fix a denial of service attack against header contents, which
 is now bounded at 16KiB.  reported by JP.

 avoid memory leak in sending multiple auth headers.
 mostly mitigated by previous patch to limit total header size,
 but still a real problem here.

 note the changes present in bozohttpd 20181118:

 o  add url remap support via .bzremap file, from martin%netbsd.org@localhost
 o  handle redirections for any protocol, not just http:
 o  fix a denial of service attack against header contents, which
    is now bounded at 16KiB.  reported by JP.

 from CHANGES:

 o  reduce default timeouts, and add expand timeouts to handle the
    initial line, each header, and the total time spent
 o  add -T option to expose new timeout settings
 o  minor RFC fixes related to timeout handling responses

 old timeouts:
 60 seconds for initial request like, 60 seconds per header line,
 and no whole timeout (though the recent total header size changes
 do introduce one that would be about 11 hours.)
 new timeouts:
 30 seconds for initial request like, 10 seconds per header line,
 and a total request time of 600 seconds.

 the new global timeout is implemented using CLOCK_MONOTONIC, with
 a fallback to CLOCK_REALTIME if monotonic time is unavailable.

 reject multiple Host: headers.  besides being protocol standard,
 this closes one additional memory leak found by JP.  add a simple
 test to check this.

 clean up option and usage handling some.

 move some #if support into bozohttpd.h.

 fix previous: have_debug was reversed.

 also fix have_dynamic_content from the previous previous.  re-order
 the debug and dynamic content to match the same pattern as everything
 else so similar problems are less likely in the future.

 - move special files defines into bozohttpd.h, so we can ...
 - consolidate all the special file checks into
   bozo_check_special_files() so that all builds check the same
   list of special files, regardless of build options.
 - convert "(void)bozo_http_error(...); return -1;" into plain
   "return bozo_http_error(...);"
 - fix the call to bozo_check_special_files() to be used on all
   input types.  part of the fixes for failure to reject access
   to /.htpasswd as reported by JP on tech-security.
 - use warn_unused_result attribute on bozo_check_special_files(),
   and fix the failures to return failure.  second part of the
   htpasswd access fix.
 - update testsuite to use a fixed fake hostname.

 call this bozohttpd 20181121.

 two fixes reported by mouse:
 - don't check contents of 'st' if stat(2) failed.
 - round up instead of truncate.  now 10000 byte files say 10kB not 9kB.

 use MAP_SHARED for the bzremap file.  avoids netbsd kernel complaining:

 WARNING: defaulted mmap() share type to MAP_PRIVATE (pid 15478 command bozohttpd)

 many clean ups:
 - keep a list of special files and their human names
 - remove (void) casts on bozo_http_error()
 - fix a few more misuses of bozo_http_error()
 - rename check_mapping() to check_remap() and perform some CSE
 - switch away from ``%s'' to '%s'
 - remove a bunch of #ifdef using new have_feature defines

 alpha sort the option switch.

 add an assert() check on array bounds.

 minor style fixes.  simplify bozo_match_content_map().


 To generate a diff of this commit:
 cvs rdiff -u -r1.19.2.1.2.3 -r1.19.2.1.2.4 src/libexec/httpd/CHANGES
 cvs rdiff -u -r1.22.2.1.2.1 -r1.22.2.1.2.2 src/libexec/httpd/Makefile
 cvs rdiff -u -r1.13.2.1.2.1 -r1.13.2.1.2.2 src/libexec/httpd/auth-bozo.c
 cvs rdiff -u -r1.46.4.4.2.3 -r1.46.4.4.2.4 src/libexec/httpd/bozohttpd.8
 cvs rdiff -u -r1.56.2.4.2.3 -r1.56.2.4.2.4 src/libexec/httpd/bozohttpd.c
 cvs rdiff -u -r1.33.2.2.2.3 -r1.33.2.2.2.4 src/libexec/httpd/bozohttpd.h
 cvs rdiff -u -r1.25.2.2.2.5 -r1.25.2.2.2.6 src/libexec/httpd/cgi-bozo.c
 cvs rdiff -u -r1.10.2.2.2.2 -r1.10.2.2.2.3 src/libexec/httpd/content-bozo.c
 cvs rdiff -u -r1.16.6.1 -r1.16.6.2 src/libexec/httpd/daemon-bozo.c
 cvs rdiff -u -r1.19.4.1.2.1 -r1.19.4.1.2.2 src/libexec/httpd/dir-index-bozo.c
 cvs rdiff -u -r1.10.2.1.2.1 -r1.10.2.1.2.2 src/libexec/httpd/lua-bozo.c
 cvs rdiff -u -r1.8.4.2 -r1.8.4.3 src/libexec/httpd/main.c
 cvs rdiff -u -r1.18.4.1 -r1.18.4.2 src/libexec/httpd/ssl-bozo.c
 cvs rdiff -u -r1.10.6.1 -r1.10.6.2 src/libexec/httpd/tilde-luzah-bozo.c
 cvs rdiff -u -r1.2 -r1.2.12.1 src/libexec/httpd/libbozohttpd/Makefile
 cvs rdiff -u -r1.1.1.1.32.1 -r1.1.1.1.32.2 src/libexec/httpd/lua/bozo.lua \
     src/libexec/httpd/lua/glue.c
 cvs rdiff -u -r1.1.1.1 -r1.1.1.1.32.1 src/libexec/httpd/lua/optparse.lua
 cvs rdiff -u -r1.4.26.3 -r1.4.26.4 src/libexec/httpd/testsuite/Makefile
 cvs rdiff -u -r1.4.20.1 -r1.4.20.2 src/libexec/httpd/testsuite/html_cmp
 cvs rdiff -u -r0 -r1.1.10.2 src/libexec/httpd/testsuite/t12.in \
     src/libexec/httpd/testsuite/t12.out src/libexec/httpd/testsuite/t13.in \
     src/libexec/httpd/testsuite/t13.out
 cvs rdiff -u -r0 -r1.1.8.2 src/libexec/httpd/testsuite/t14.in \
     src/libexec/httpd/testsuite/t14.out src/libexec/httpd/testsuite/t15.in \
     src/libexec/httpd/testsuite/t15.out
 cvs rdiff -u -r1.3 -r1.3.26.1 src/libexec/httpd/testsuite/t3.out \
     src/libexec/httpd/testsuite/t5.out src/libexec/httpd/testsuite/t6.out
 cvs rdiff -u -r1.1.1.1.32.3 -r1.1.1.1.32.4 \
     src/libexec/httpd/testsuite/test-bigfile
 cvs rdiff -u -r1.2.6.3 -r1.2.6.4 src/libexec/httpd/testsuite/test-simple
 cvs rdiff -u -r0 -r1.1.10.2 src/libexec/httpd/testsuite/data/.bzremap

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: needs-pullups->closed
State-Changed-By: maya@NetBSD.org
State-Changed-When: Fri, 24 Apr 2020 00:32:06 +0000
State-Changed-Why:
pullup completed


>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.